Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
« previous
next »
Print
Pages: [
1
]
Author
Topic: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1 (Read 1629 times)
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1554
Karma: 172
VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
on:
July 24, 2023, 12:17:11 pm »
Hello,
When using the old "VPN: IPsec: Tunnel Settings" each phase 1 had firewall rules created automatically in "Firewall: Rules: Interface", allowing the remote and local ipsec peers to communicate with each other.
I want to know if VPN: IPsec: Connections [new] not creating these automatic firewall rules is a design choice, or if it should happen and it just doesn't work for me.
I defaulted to recreating the IPsec rules manually and use an alias group in it for all remote IPsec peers.
Logged
Hardware:
DEC740
franco
Administrator
Hero Member
Posts: 17628
Karma: 1607
Re: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
Reply #1 on:
July 24, 2023, 01:14:44 pm »
I think that's a feature as people tend to complain about automatic rules.
Cheers,
Franco
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1554
Karma: 172
Re: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
Reply #2 on:
July 24, 2023, 01:54:13 pm »
Thanks for the answer.
I personally don't mind it either way. It just might suprise some people who migrate their tunnels from the old into the new gui.
Logged
Hardware:
DEC740
franco
Administrator
Hero Member
Posts: 17628
Karma: 1607
Re: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
Reply #3 on:
July 24, 2023, 01:58:11 pm »
FWIW, it's documented here:
https://docs.opnsense.org/manual/vpnet.html#firewall-rules
"The new connections feature does not offer this and (WAN) rules have to be specified manually in order to connect to IPsec on this host."
Cheers,
Franco
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1554
Karma: 172
Re: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
Reply #4 on:
July 24, 2023, 02:03:12 pm »
Thank you, I will search the docs next time.
Logged
Hardware:
DEC740
franco
Administrator
Hero Member
Posts: 17628
Karma: 1607
Re: VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
«
Reply #5 on:
July 24, 2023, 02:19:50 pm »
No problem. We tried to make sure this is mostly covered in the docs also for the upcoming OpenVPN instances GUI.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
VPN: IPsec: Connections [new] not creating automatic firewall rules for phase 1
